v2ray HTTP2 openwrt ipset （二）

这回把http伪装改成http2，好处暂时在我看来就是少写几行配置。坏处，工序稍微复杂一点点。

http2需要tls，就需要证书，咋弄，网上搜搜，我就不转贴了。

而我写的这篇与白话文教程、网上其它文章不同的就在于“host”： 这里，个人感觉这才是精华所在。

配置如下

服务器：

{
   "inbounds": [{
     "port": 监听的端口（最好随便别整443啥的）,
     "listen":"监听的ip",
     "protocol": "vmess",
     "settings": {
       "clients": [
         {
           "id": "随便长点但应该不能用中文",
           "level": 1,
           "alterId": 64,
           "security": "auto"
         }
       ]
     },
    "streamSettings": {
         "network": "h2",
         "httpSettings": {
     "host": ["baidu.com" ,"qq.com" 
,"sina.cn" ,"jd.com"],  //加多点国内流量大的通俗域名
     "path": "/随便应该不能用中文但最好正常点的单词，最好用那些通俗网站里的文件夹名/"
         },
     "security": "tls",
     "tlsSettings": {
         "certificates": [
         {
           "certificateFile": "/etc/v2ray/v2ray.crt",
           "keyFile": "/etc/v2ray/v2ray.key"
         }
         ]
       }
       }
   }],
   "outbounds": [{
     "protocol": "freedom",
     "settings": {}
   },{
     "protocol": "blackhole",
     "settings": {},
     "tag": "blocked"
   }],
   "routing": {
     "rules": [
       {
         "type": "field",
         "ip": ["geoip:private"],
         "outboundTag": "blocked"
       }
     ]
   }
 }

openwrt的配置

{
   "log": {
     "loglevel": "warning"
   },
   "inbounds": [{
     "port": openwrt开放的端口,
     "listen": "0.0.0.0",
    
"protocol": "dokodemo-door",
 "settings": {
  "address": "", 
  "network": "tcp,udp",
  "timeout": 300,
  "followRedirect": true
 }
}], 

"outbounds": [{
     "protocol": "vmess",
     "settings": {
     "vnext": [
           {
            "address": "服务器地址",
                 "port": 服务器端口,
             "users": [
               {
                 "id": "服务器clients id", 
                 "alterId": 64,
                 "security": "auto"
                 }
             ]
           }
           ]
     },
      "streamSettings": {
        "network": "h2",
         "security": "tls",
         "httpSettings": {
            "host": ["baidu.com","qq.com","www.163.com","bing.com"], //可以加一些和服务器不同的域名，它会随机和服务器连接。
           "path": "/服务器设定的文件夹/"
         }
       },
     "tag": "direct"
   },{
     "protocol": "freedom",
     "settings": {},
     "tag": "direct"
   }], 
   "routing": {
     "domainStrategy": "IPOnDemand",
     "rules":[
     {
       "type": "field",
       "ip": ["geoip:cn",
              "geoip:private"],
       "outboundTag": "direct"
     },
     {
        "type": "field",
        "outboundTag": "direct",
        "domain": ["skype.com",
                 "xsts.auth.xboxlive.com",
                 "clubhub.xboxlive.com",
                 "titlestorage.xboxlive.com",
                 "inventory.xboxlive.com",
                 "profile.xboxlive.com",
                 "privacy.xboxlive.com",
                 "social.xboxlive.com",
  //             "userpresence.xboxlive.com",
                 "win10fore.ndlmix.ourdvs.com",
                 "v10.events.data.microsoft.com",
                 "forzaplayercardstorage.blob.core.windows.net",
                 "xboxlive.cn", //玩xboxone加这些少费点流量
"geosite:cn"]
     }   
     ]
   }, 
   "dns": {
     "hosts": {
     },
     "servers": [
       {
         "address": "自己的DNS",
         "port": 53,
         "domains": [
         ]
       },
       "localhost"
     ]
   },
   "policy": {
     "levels": {
       "0": {
         "uplinkOnly": 0,
         "downlinkOnly": 0
       }
     },
     "system": {
       "statsInboundUplink": false,
       "statsInboundDownlink": false
     }
   },
   "other": {}
 } 

其它ipset设置看之前的文章。就可以了。